An electronic security system may use password protection, a firewall, or both to prevent an unauthorized user from compromising the integrity of a business-to-business transaction or internal data processing resource of a business entity. An internal data processing resource may include a business-to-business server, an enterprise resource planning system, a data processing system, or any combination of the foregoing items. Because of deficient electronic security systems used in the prior art, a business entity may be impeded to find trading partners that are willing to place their internal data processing resources at risk by engaging in electronic transactions over an external communications network, such as the Internet. The security risks associated with inadequate security systems include misappropriation of confidential information, trade secrets, and proprietary customer information. Moreover, an unauthorized user may corrupt or vandalize software that disrupts the business operations of an entity.
An internal data processing resource may include a password authentication system that provides a log-in and associated password to restrict unauthorized traffic access. Accordingly, the authentication system may protect the entity's internal data processing resources from some exposure to unauthorized external traffic carried via an external communications network (e.g., the Internet). However, the password protection scheme is limited in its effectiveness because an unauthorized user may crack an authorized log-in identifier and password combination by trying numerous combinations or iterations of possible log-in identifiers and passwords, for example.
The password protection scheme is typically supplemented with a firewall protection scheme. A firewall refers to software instructions, hardware, or both that filter traffic to allow only traffic from an approved source or with an approved port identifier to pass through the electronic firewall. The firewall may block out unauthorized traffic from reaching the data communication system from the external communications network. The firewall may prevent unauthorized outsiders from gaining access to internal data processing resources of an entity.
The effectiveness of the firewall approach deteriorates where a web server is interposed in a communications path between the firewall and the external communications network. The web server inherently draws unknown users from the external communications network (e.g., the Internet). Further, security measures for the web server tend to be minimal in comparison to those for the internal data processing resources to keep the web server open and accessible to potential customers and other economic activity. Because of the attendant proliferation in the number of users that the firewall must protect against in the presence of the web server, the internal resources of the data communication system and electronic transactions are more vulnerable to attack.
The task of providing sufficient security to an internal data processing system (e.g., enterprise resource planning system) is further complicated by the requirement of providing access of the internal data processing resources to the external communication network for legitimate business dealings and electronic transactions with trading partners or other users. Thus, the need exists for a security configuration that adequately protects the internal data processing resources of an entity's internal system from unauthorized user access, while providing ready communications access between trading partners.